Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Setup Codeql with access token #6

Open
mikael-s-persson opened this issue May 20, 2023 · 0 comments
Open

Setup Codeql with access token #6

mikael-s-persson opened this issue May 20, 2023 · 0 comments
Assignees
@tbuschmann

Comments

@mikael-s-persson
Copy link
Collaborator

For security reasons, we need to setup codeql with a personal access token secret to be able to pull submodules. I do not have the sufficient access rights to add the access token. Thomas, can you do that?

It should work, as far as building / testing after merging #5

The build / test commands for this repo should be:

    bazel build -c opt --config=libc++ collision:all
    bazel test -c opt --config=libc++ collision:all

The steps to set up the codeql (as per Thomas) are as follows:

  1. Set up a 'classic' personal access token ('fine grained' didn't work for me, lmk if you get that to work).
  2. Add that token as a secret to the repo you're working with (https://github.com/theteamatx//settings/secrets/actions -> 'new secret')
  3. Add a .github/workflows/codeql.yml. Use the secret for the checkout action.
    This is my version: https://github.com/theteamatx/x-edr-eigenmath/blob/squash/.github/workflows/codeql.yml
    You'll want to use the name you gave the secret in that script.
    (Also, do not use the bazel cache action, that breaks the codeql analysis if no actual build happens).
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@tbuschmann tbuschmann

Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@mikael-s-persson @tbuschmann